What are the banks doing to ensure our money is secure?
As it is so ingrained into our daily lives, we tend to think of the banking system as a secure and trustworthy industry that has plenty of safeguards in place. But the reality is that just like many other areas of our lives, it is under great threat in terms of cyber security and nefarious actors who want to undermine global banking system.
One reason why the cyber security of global finance systems has come under threat recently is due to the increasingly linked and networked nature of money. We no longer go to a bank with cash or a cheque and deposit it in a vault. Instead, our money is increasingly represented as data, making it easier for hackers to infiltrate systems and upset far more than just a couple of bank accounts or a single branch.
As Yahoo Tech reported recently, “A series of spectacular cyber attacks against banks, resulting in the theft of tens of millions of dollars, has heightened fears for an industry becoming an increasingly attractive target for hackers.”
A lot of the attacks have been focused on the interbank service known as SWIFT, used worldwide, which is the Society for Worldwide Interbank Financial Telecommunication that “supplies secure messaging services and interface software to wholesale financial entities.” So far this year, banks in Bangladesh, the Philippines, Vietnam and Ecuador have been targets of such an attack and it’s predicted by many that these kind of attacks will continue.
As The Economist noted on the issue, targeting systems like SWIFT, rather than simply trying to steal money from individual accounts, has much farther reaching and more dangerous implications. “Rather than hacking into an individual bank, the assailants might aim straight at the heart of global finance by choosing as their target parts of its essential “financial-market infrastructure” (FMI), such as clearing houses or payments systems. FMIs are like the plumbing in a city: they facilitate the smooth flow of money. Because plenty can go wrong between the promise of a payment (eg, writing a cheque or making a digital purchase) and its actual settlement (the money arriving into the bank account of the seller), clearing houses sit in the middle of transactions to process them and insulate both sides against credit risk.”
Undermining the trust that the entire global banking system is based on, rather than targeting a few individual accounts, has the potential to throw the global financial markets into a tailspin. This is because a system based on trust must not lose the confidence of its customers who will otherwise withdraw their money if they feel it is insecure.
So what are the financial institutions that we’re supposed to trust with our hard-earned money doing to protect the global banking system from attack? The first is enlisting the help of would-be infiltrators themselves, or “white hat hackers” who look at a financial system from the outside and figure out where the potential vulnerabilities lie. This so-called “threat intelligence” informs how banking institutions structure and defend their systems, but it is essential that once formulated, banks must continue to innovate. Hackers thrive on finding complacency and laziness, so it’s not enough to secure systems once and consider it a job done.
Another way that banks can step up to the plate is to focus not just on prevention, but on recover and response as well. It’s not enough to simply claim you can prevent all attacks, there need to be mechanisms in place—such as a target of two hours to detect a breach and more willingness to share information among banks that have been hacked—to minimize damage when an attack or breach does occur.